If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Thoughts on passwords?

I read a recent article about the escalating number of computer passwords people have to remember, sometimes having to think of a new one every 30 days or something, and it reminded me of my own password habits and how they're less than optimal.

My passwords are often not as strong and as they could be because I have to be able to memorize them, since I don't write them down anywhere.

I've always avoided password managers because I'm worried that if my master psd is compromised, then I lose everything.

I also read a different article where a "security guru" suggested actually writing down strong passwords, because the risk of losing a piece of paper stuck in your wallet, for example, is actually much less than the risk of someone hacking a weaker password.

I guess what I'm pondering this morning is, (1) is it more secure to use a password manager with a strong master password to keep track of many other strong passwords? or is the 2nd option better, where (2) the risk of losing a written list of your passwords is actually less than the risk of weaker passwords being hacked?

Or is it safer to have several "weaker" passwords with no record of them except in my head, but use the same password for more than one account?

Anyone else here have any comments, thoughts, opinions?

Why is everyone who drives slower than me an idiot, and everyone who drives faster a maniac?

My passwords are often not as strong and as they could be because I have to be able to memorize them, since I don't write them down anywhere.

maybe about that you should try a diffrent way how to memorize the passwords. instead of memorize the single letter, use a quote which you can remember and build your password from it. for example by using the first latter of each word and replacing some letters by numbers or symbols which may look like the substituted letters. (replace s by $ for example and so on) and then maybe you can capitalize the nouns or whatever to get some capital letters.
perhaps i should begin doing that too.

Originally Posted by canuck31003

(1) is it more secure to use a password manager with a strong master password to keep track of many other strong passwords?

the main concern about those which i have is: how transportable is it (if necessary)? i mean can you use them on any computer? especially on public ones which may have restrictions that you can't even run those managers. and therefore you can't get your passwords. if it's working who tells you that on those aren't any loggers installed which log everything what you do incl. the passwords.
i'd so there's no use for those if you aren't sure about your environment where you are using those.

Originally Posted by canuck31003

(2) the risk of losing a written list of your passwords is actually less than the risk of weaker passwords being hacked?

well if you don't lose the list, but can't remember where you leave it. nothing helps you then. writing down passwords is the biggest security hole anyway. if it's not losing then maybe stealing.

Originally Posted by canuck31003

Or is it safer to have several "weaker" passwords with no record of them except in my head, but use the same password for more than one account?

well perhaps now you can improve the weaker ones with stronger ones with the method mentioned above.
same password everywhere isn't the best thing too, but i'd say on simliar things using the same password is OK. with everthings on the net available you would need hundreds of passwords. just diffrent ones on the more sensitive stuff, where it would really hurt if someone hacks them.

Fortunately, I have a fairly good system. I have been an avid AD&D player in a single game for 28 years now. The same group of guys have been playing it with the same DM all of this time, so everything about that world is ingrained in our minds like real life. It's very easy to draw references from that which I can always remember, like characters' names (thus my name :jeriddian). The passwords are always related very easily to those character names, and all but unbreakable if you are not part of the game I play. And I trust those guys not to steal them.......well, except the dwarven thief guy, I don't know about him. He steals everything, it seems.........:P (j/k)

Fortunately, I have a fairly good system. I have been an avid AD&D player in a single game for 28 years now. The same group of guys have been playing it with the same DM all of this time, so everything about that world is ingrained in our minds like real life. It's very easy to draw references from that which I can always remember, like characters' names (thus my name :jeriddian). The passwords are always related very easily to those character names, and all but unbreakable if you are not part of the game I play. And I trust those guys not to steal them.......well, except the dwarven thief guy, I don't know about him. He steals everything, it seems.........:P (j/k)

And here I had been speculating that it had something to do with the Jeri-Dan towtruck company

Admiral Isoroku Yamamoto - “You cannot invade the mainland United States. There would be a rifle behind each blade of grass.”

Ah... AD&D, that brings back memories. During high school my friends and I were avid players.

I have been an avid AD&D player in a single game for 28 years now.

Now that's dedication.

Truthfully, you have no idea how dedicated......You would not believe the scope of this game.....IMHO, the greatest on the planet........seriously.

Originally Posted by lunchmeat

Originally Posted by jeriddian

Fortunately, I have a fairly good system. I have been an avid AD&D player in a single game for 28 years now. The same group of guys have been playing it with the same DM all of this time, so everything about that world is ingrained in our minds like real life. It's very easy to draw references from that which I can always remember, like characters' names (thus my name :jeriddian). The passwords are always related very easily to those character names, and all but unbreakable if you are not part of the game I play. And I trust those guys not to steal them.......well, except the dwarven thief guy, I don't know about him. He steals everything, it seems.........:P (j/k)

And here I had been speculating that it had something to do with the Jeri-Dan towtruck company

I've seen those tow trucks around. But no, they weren't the basis of the name.:P

Most of my passwords are the same or slight variations of the same. In cases where a hacked account would really hurt (like Gmail or MySpace), I come up with a completely different password. In cases where I won't really care about a hacked account, I just pick something really, really simple.

My favorite password to use is brilliant in its simplicity. It's unique to me because it comes from a project I worked on, offline, back in the 1990s, and nothing regarding that project has ever seen the light of day; never published, shared, or disseminated in any way, shape, or form.

I only use that one password for personal accounts, usually for message boards. For any account that actually involves monetary transfers, for example, I have a different series of passwords; for work, another entirely different series.

And then there are times where I use a different password for the heck of it.

October is National Cyber Security Month and to celebrate, we’re launching... Tip of the Month series.

Today we introduce the concept of using a pass phrase instead of a password. Why?...because Pass Phrases are MORE SECURE and EASIER TO REMEMBER! Did you know that some agencies have already switched to pass phrases and that the Federal government may soon require all agencies to use them? Why not create yours now?

What’s the difference? When you think of a password, people generally think of a word like “Password” or a string of random symbols, such as “R*n]2eB%d” or a combination of the two such as “P@s$w0rd”. Pass phrases typically have spaces between words and are longer than the majority of words.

Why is a pass phrase better? From the standpoint of password guessing or cracking, a 5- or 6-word pass phrase is roughly as strong as a completely random 9 character password. Most people can remember a 6-word pass phrase much easier than a totally random 9-character password.

How can you make a real secure pass phrase? Be creative. Make it personal to you--even funny.

Select a phrase that is more than 4 words—preferable 6

Stay away from common phrases or quotes

Mix short and long words and remember that sentences need not be intelligible

Character substitutions and/or misspelling strengthen the pass phrase

Mix languages

Exclude some of the spaces between words.

Truthfully, you have no idea how dedicated......You would not believe the scope of this game.....IMHO, the greatest on the planet........seriously.

Do you have one DM, or do you switch with different campaigns?

Why is everyone who drives slower than me an idiot, and everyone who drives faster a maniac?